1. Secure your home office
Physical security is still very important even if you're working from home. Just as you lock the office when you leave at the end of the day, if possible do the same when working from home.
Laptops can be stolen from your home office, living room or garden. If you take advantage and work outside on a beautiful sunny day, ensure that you bring your laptop inside when you go indoors, even if it is just to make lunch. Keep your home workspace as secure as you keep your normal office.
2. Separate work and home devices
It might be easier said than done, but it's important to set boundaries between your work life and home life, especially while working from home.
While it may seem awkward to switch between devices to simply pay a bill or shop online, do your best to keep your work computer and home computer separate where possible. If the same could be done for your mobile devices, that is great.
This will help reduce the amount of sensitive data exposed in the unfortunate event of your device being stolen or compromised.
3. Encrypt your devices
Encryption is the process of encoding information so only authorized parties can access it. While it doesn't prevent interference and man-in-the-middle attacks, it does deny intelligible content to the interceptor.
If you haven’t already turned on encryption on your devices, you should as it plays an important part in reducing the security risk of lost or stolen devices. Encryption prevents strangers from accessing the contents of your device without the password, PIN, or biometrics.
4. Keep your operating system up to date
Even if you are using a supported operating system, there can be significant delays between the disclosure of a vulnerability and its mitigation. To minimize this risk, ensure all devices apply security patches as soon as possible.
Most modern devices will automatically apply updates by default but you may need to allow your computer to restart to complete the patching process. However, double check we would encourage you to check that this is configured in the settings.
Operating systems aren't the only thing that can be exploited. Software and web browsers are also common targets. For the same reasons mentioned above, keep any installed applications up-to-date.
5. Enable automatic locking
If you walk away from your device at your home office, co-working space, or a coffee shop, ensure you lock your device. The issue is that humans sometimes forget, this is when automatic locking can protect your unattended devices. Automatic locking is enabled by default on most modern devices.
6. Ensure your machine has antivirus
Antivirus software can help protect your computer from viruses, spyware, ransomware, and other types of malware.
Antivirus detects the virus, and it works on removing it from the computer system. Most Oxford University members can download and install Sophos Endpoint antivirus free of charge.
7. Enable find my device and remote wipe
Being able to find and hopefully remote onto your device is an important part of ensuring information security when your device is stolen or lost. Securely wiping a device makes it harder to access your data, no matter how much time or determination an attacker has.
8. Wipe any devices before you sell, share or dispose of
When borrowing, giving, selling or just throwing out an old device, make sure to all data is wiped at the device is returned to factory settings. This will prevent your data from being accessed after you no longer have control over your device, temporarily or permanently.
Before doing this, remember to back up or transfer any important information on the device.
For more information and advice see 'secure mobile devices' and 'protect my computer'.